package com.pxx.pj.pxx.service.realm;

import com.pxx.pj.pxx.dao.PxxMenuDao;
import com.pxx.pj.pxx.dao.PxxRoleMenuDao;
import com.pxx.pj.pxx.dao.PxxUserDao;
import com.pxx.pj.pxx.dao.PxxUserRoleDao;
import com.pxx.pj.pxx.pojo.PxxUser;
import org.apache.shiro.authc.*;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

import java.util.HashSet;
import java.util.List;
import java.util.Set;


@Component
public class ShiroUserRealm extends AuthorizingRealm {
 @Autowired
   private PxxUserDao pxxUserDao;
@Autowired
 private PxxUserRoleDao pxxUserRoleDao;
@Autowired
 private PxxRoleMenuDao pxxRoleMenuDao;
 @Autowired
 private PxxMenuDao pxxMenuDao;

    //授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        PxxUser user = (PxxUser) principalCollection.getPrimaryPrincipal();
        List<Integer> roleIds= pxxUserRoleDao.findRoleIdsByUserId(user.getId());
        if(roleIds==null||roleIds.size()==0)throw new AuthorizationException();
        List<Integer> menuIds = pxxRoleMenuDao.findMenuIdsByRoleIds(roleIds);
        if(menuIds==null||menuIds.size()==0)throw new AuthorizationException();
        List<String> permissions = pxxMenuDao.findPermissions(menuIds);
        if(permissions==null||permissions.size()==0)throw new AuthorizationException();
        Set<String> set = new HashSet<>();
        for(String per:permissions){
            if(!StringUtils.isEmpty(per)){
                set.add(per);
            }
        }
        System.out.println(set);
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.setStringPermissions(set);

        return info;

    }
    //认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken token=(UsernamePasswordToken)authenticationToken;
        String username = token.getUsername();
        PxxUser user= pxxUserDao.findUserByUserName(username);
        if(user==null)throw  new UnknownAccountException();
        if(user.getValid()==0)throw new LockedAccountException();
        ByteSource bytes = ByteSource.Util.bytes(user.getSalt());
        return new SimpleAuthenticationInfo(user, user.getPassword(), bytes,this.getName() );
    }
//返回加密对象
    @Override
    public CredentialsMatcher getCredentialsMatcher() {
        HashedCredentialsMatcher pxxMatcher = new HashedCredentialsMatcher();
        pxxMatcher.setHashAlgorithmName("MD5");
        pxxMatcher.setHashIterations(1);
        return pxxMatcher;
    }
}
